From 76d1090d1165e7683805fdefe1fb266b36bfd7db Mon Sep 17 00:00:00 2001
From: abhigyan24-ops <abhigyan2447@gmail.com>
Date: Thu, 21 May 2026 01:18:55 +0530
Subject: [PATCH] feat: add google.oauth.enabled flag and seed default roles
 for Google Auth

---
 .../auth/service/GoogleAuthService.java       | 10 +++-
 .../qrmenu/config/DataInitializer.java        | 52 +++++++++++++++++++
 .../main/resources/application-dev.properties |  3 +-
 .../src/main/resources/application.properties |  2 +
 4 files changed, 65 insertions(+), 2 deletions(-)
 create mode 100644 RestroHub/src/main/java/com/restroly/qrmenu/config/DataInitializer.java

diff --git a/RestroHub/src/main/java/com/restroly/qrmenu/auth/service/GoogleAuthService.java b/RestroHub/src/main/java/com/restroly/qrmenu/auth/service/GoogleAuthService.java
index c6c35588..c8c12394 100644
--- a/RestroHub/src/main/java/com/restroly/qrmenu/auth/service/GoogleAuthService.java
+++ b/RestroHub/src/main/java/com/restroly/qrmenu/auth/service/GoogleAuthService.java
@@ -37,6 +37,9 @@ public class GoogleAuthService {
     @Value("${google.oauth.client-id}")
     private String googleClientId;
 
+    @Value("${google.oauth.enabled:true}")
+    private boolean googleAuthEnabled;
+
     /**
      * Authenticates user via Google OAuth token.
      * 1. Verifies the Google ID token
@@ -51,8 +54,13 @@ public class GoogleAuthService {
      */
     @Transactional
     public AuthResponse authenticateWithGoogle(GoogleAuthRequest googleAuthRequest) {
+        if (!googleAuthEnabled) {
+            log.warn("Google OAuth is disabled via configuration");
+            throw new BusinessException("Google authentication is currently disabled. Please use username/password login.");
+        }
+
         String idToken = googleAuthRequest.getToken();
-        
+
         log.info("Google OAuth authentication initiated");
 
         JsonWebSignature jws = verifyGoogleToken(idToken);
diff --git a/RestroHub/src/main/java/com/restroly/qrmenu/config/DataInitializer.java b/RestroHub/src/main/java/com/restroly/qrmenu/config/DataInitializer.java
new file mode 100644
index 00000000..51cda920
--- /dev/null
+++ b/RestroHub/src/main/java/com/restroly/qrmenu/config/DataInitializer.java
@@ -0,0 +1,52 @@
+package com.restroly.qrmenu.config;
+
+import com.restroly.qrmenu.user.entity.Role;
+import com.restroly.qrmenu.user.repository.RoleRepository;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+/**
+ * Initializes default roles in the database on application startup.
+ * Ensures required roles (ADMIN, RESTAURANT_OWNER, CUSTOMER) exist
+ * before any authentication (including Google OAuth) is attempted.
+ */
+@Component
+@RequiredArgsConstructor
+@Slf4j
+public class DataInitializer implements CommandLineRunner {
+
+    private final RoleRepository roleRepository;
+
+    private static final List<String[]> DEFAULT_ROLES = List.of(
+        new String[]{"ADMIN",            "System administrator with full access"},
+        new String[]{"RESTAURANT_OWNER", "Restaurant owner with management access"},
+        new String[]{"CUSTOMER",         "End customer placing orders via QR menu"}
+    );
+
+    @Override
+    public void run(String... args) {
+        log.info("Checking and initializing default roles...");
+
+        for (String[] roleData : DEFAULT_ROLES) {
+            String roleName = roleData[0];
+            String roleDesc = roleData[1];
+
+            if (!roleRepository.existsByName(roleName)) {
+                Role role = Role.builder()
+                        .name(roleName)
+                        .description(roleDesc)
+                        .isActive(true)
+                        .build();
+                roleRepository.save(role);
+                log.info("Created default role: {}", roleName);
+            } else {
+                log.debug("Role already exists, skipping: {}", roleName);
+            }
+        }
+
+        log.info("Role initialization complete.");
+    }
diff --git a/RestroHub/src/main/resources/application-dev.properties b/RestroHub/src/main/resources/application-dev.properties
index 39a94a36..8eb218a5 100644
--- a/RestroHub/src/main/resources/application-dev.properties
+++ b/RestroHub/src/main/resources/application-dev.properties
@@ -61,4 +61,5 @@ security.cors.allowed-origins=${CORS_ALLOWED_ORIGINS:http://localhost:5173,http:
 # --- Google OAuth 2.0 Credentials ---
 # Create your client credentials in the Google Cloud Console:
 # https://console.cloud.google.com/apis/credentials
-google.oauth.client-id=${GOOGLE_OAUTH_CLIENT_ID:YOUR_GOOGLE_OAUTH_CLIENT_ID_HERE}
\ No newline at end of file
+google.oauth.client-id=${GOOGLE_OAUTH_CLIENT_ID:YOUR_GOOGLE_OAUTH_CLIENT_ID_HERE}
+google.oauth.enabled=${GOOGLE_OAUTH_ENABLED:true}
\ No newline at end of file
diff --git a/RestroHub/src/main/resources/application.properties b/RestroHub/src/main/resources/application.properties
index f8a1c3a0..a6b73576 100644
--- a/RestroHub/src/main/resources/application.properties
+++ b/RestroHub/src/main/resources/application.properties
@@ -95,6 +95,8 @@ security.jwt.refresh-expiration=${JWT_REFRESH_EXPIRATION:604800000}
 # https://console.cloud.google.com/apis/credentials
 
 google.oauth.client-id=${GOOGLE_OAUTH_CLIENT_ID:YOUR_GOOGLE_OAUTH_CLIENT_ID_HERE}
+# Set to false to disable Google OAuth login
+google.oauth.enabled=${GOOGLE_OAUTH_ENABLED:true}
 
 # ===============================
 # Payment Gateway